[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: GWL 0.3.0 released
From: |
Bengt Richter |
Subject: |
Re: GWL 0.3.0 released |
Date: |
Thu, 11 Feb 2021 22:59:28 +0100 |
User-agent: |
Mutt/1.10.1 (2018-07-13) |
On +2021-02-11 21:37:56 +0100, Ricardo Wurmus wrote:
>
> Bengt Richter <bokr@bokr.com> writes:
>
> > gpg --verify gwl-0.3.0.tar.gz.sig
> > gpg: assuming signed data in 'gwl-0.3.0.tar.gz'
> > gpg: Signature made Sat 06 Feb 2021 09:28:59 PM CET
> > gpg: using RSA key BCA689B636553801C3C62150197A5888235FACAC
> > gpg: Good signature from "Ricardo Wurmus (Work)
> > <ricardo.wurmus@mdc-berlin.de>" [expired]
> > gpg: aka "rekado <rekado@elephly.net>" [expired]
> > ┌──────────────────────────────────┐
> > │ gpg: Note: This key has expired! │
> > └──────────────────────────────────┘
>
> You should get a fresh key from keys.openpgp.org
> Its expiry is regularly extended.
>
Thanks for all your Fosdem/guix work first of all, but I expected
--8<---------------cut here---------------start------------->8---
[17:29 ~/bs]$ gpg --keyserver keys.gnupg.net --recv-keys
BCA689B636553801C3C62150197A5888235FACAC
gpg: key 197A5888235FACAC: 16 signatures not checked due to missing keys
┌───────────────────────────────────────────────────────────────────────────────────────────────┐
│ gpg: key 197A5888235FACAC: "Ricardo Wurmus (Work)
<ricardo.wurmus@mdc-berlin.de>" not changed │
└───────────────────────────────────────────────────────────────────────────────────────────────┘
gpg: Total number processed: 1
gpg: unchanged: 1
--8<---------------cut here---------------end--------------->8---
to give me an updated key, and am left wondering why it didn't :)
It seems I have a wrong default for keyserver:
--8<---------------cut here---------------start------------->8---
[22:21 ~/bs]$ gpg --refresh-keys
gpg: refreshing 6 keys from hkp://hkps.pool.sks-keyservers.net
gpg: key 197A5888235FACAC: 14 signatures not checked due to missing keys
┌───────────────────────────────────────────────────────────────────────────────────────────────┐
│ gpg: key 197A5888235FACAC: "Ricardo Wurmus (Work)
<ricardo.wurmus@mdc-berlin.de>" not changed │
└───────────────────────────────────────────────────────────────────────────────────────────────┘
--8<---------------cut here---------------end--------------->8---
Maybe the original advice for getting a key should be extended with the
fresh key advice above (preferably the literal gpg command line, my guess re
that boxed below).
This seems to do it:
┌───────────────────────────────────────────────────────────────────────────────────────┐
│ gpg --recv-keys BCA689B636553801C3C62150197A5888235FACAC --keyserver
keys.openpgp.org │
└───────────────────────────────────────────────────────────────────────────────────────┘
(though my first try was "gpg --refresh-keys --keyserver keys.openpgp.org"
which only found you for the keys I have).
--8<---------------cut here---------------start------------->8---
[22:44 ~/bs]$ gpg --recv-keys BCA689B636553801C3C62150197A5888235FACAC
--keyserver keys.openpgp.org
gpg: Note: '--keyserver' is not considered an option
gpg: "--keyserver" not a key ID: skipping
gpg: "keys.openpgp.org" not a key ID: skipping
gpg: key 197A5888235FACAC: 16 signatures not checked due to missing keys
gpg: key 197A5888235FACAC: "Ricardo Wurmus (Work)
<ricardo.wurmus@mdc-berlin.de>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
--8<---------------cut here---------------end--------------->8---
Now gpg --verify works \o/ :)
>
> Ricardo
--
Regards,
Bengt Richter